将AndroidKeyStoreRSAPrivateKey崩溃转换为RSAPrivateKey [英] Crash casting AndroidKeyStoreRSAPrivateKey to RSAPrivateKey
问题描述
我按照本教程:如何使用Android密钥库存储密码和其他敏感信息。 (宽松地)与Google示例应用程序绑定: BasicAndroidKeyStore 。
I'm following this tutorial: How to use the Android Keystore to store passwords and other sensitive information. It (loosely) ties up with the Google Sample app: BasicAndroidKeyStore.
我可以使用公钥加密我的数据,我可以在运行Lollipop的设备上解密。然而,我有一个Nexus 6运行棉花糖,这崩溃给出的错误:
I can encrypt my data using the public key, and I can decrypt on devices running Lollipop. However I have a Nexus 6 running marshmallow and this crashes giving the error:
java.lang.RuntimeException: Unable to create application com.android.test: java.lang.ClassCastException: android.security.keystore.AndroidKeyStoreRSAPrivateKey cannot be cast to java.security.interfaces.RSAPrivateKey
这是它崩溃的代码:
KeyStore.Entry entry;
//Get Android KeyStore
ks = KeyStore.getInstance(KeystoreHelper.KEYSTORE_PROVIDER_ANDROID_KEYSTORE);
// Weird artifact of Java API. If you don't have an InputStream to load, you still need to call "load", or it'll crash.
ks.load(null);
// Load the key pair from the Android Key Store
entry = ks.getEntry(mAlias, null);
KeyStore.PrivateKeyEntry privateKeyEntry = (KeyStore.PrivateKeyEntry) entry;
//ERROR OCCURS HERE::
RSAPrivateKey rsaPrivateKey = (RSAPrivateKey) privateKeyEntry.getPrivateKey();
Cipher output = Cipher.getInstance("RSA/ECB/PKCS1Padding", "AndroidOpenSSL");
output.init(Cipher.DECRYPT_MODE, rsaPrivateKey);
我不愿意把这放到Android M奇怪,因为我没有理由为什么java加密库会改变。如果M版本发生了,我们的应用程序立即崩溃了M我会很麻烦。
I'm reluctant to put this down to an Android M oddity as I see no reason why the java crypto libraries would have changed. If the M release comes around and our app immediately crashes on M I'll be in big trouble.
我做错了什么?错误非常具体地说,你不能投射到RSAPrivateKey,所以有谁知道一个更好的方法来获得RSAPrivateKey从条目?
I am doing something wrong? The error very specifically says you can't cast to RSAPrivateKey, so does anyone know a better way to get the RSAPrivateKey from the entry?
很多谢谢。 >
Many many thanks.
推荐答案
我设法通过从Cipher.getInstance中删除提供程序和不将其转换为RSAprivateKey。
I managed to get this working by removing the Provider from Cipher.getInstance and not casting to a RSAprivateKey.
KeyStore.PrivateKeyEntry privateKeyEntry = (KeyStore.PrivateKeyEntry) entry;
Cipher output = Cipher.getInstance("RSA/ECB/PKCS1Padding");
output.init(Cipher.DECRYPT_MODE, privateKeyEntry.getPrivateKey());
我不是100%,但我认为这个的原因我相信是棉花糖的变化OpenSSL到BoringSSL。
https://developer.android.com/preview/behavior- changes.html#behavior-apache-http-client
I'm not 100% but I think the reason for this I believe is the change in marshmallow from OpenSSL to BoringSSL. https://developer.android.com/preview/behavior-changes.html#behavior-apache-http-client
无论如何,上述内容适用于M及以下版本。
Anyway, the above worked for M and below.
这篇关于将AndroidKeyStoreRSAPrivateKey崩溃转换为RSAPrivateKey的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!